Friday, February 27, 2009

Sun chairman Scott McNealy, continuing his rising public role, is in Washington banging the drum for open source. Think of it as McNealy 2.0.

He’s not asking what Sun can do for government but what government can do for Sun. A commitment to open source would give Sun hardware a big leg-up on procurement. By the numbers Sun is still a hardware company and McNealy its chief salesman.

What’s interesting to me is that some in the White House already understand the power of open source. Dries Buytaert confirmed 10 days ago that the Recovery.Gov Web site is based on Drupal, the open source CMS. (The illustration is from that site.)

Thursday, February 26, 2009

The UK is seeking to boost adoption of open source software in government IT in order to save costs. The new procurement policies laid out in a government plan give preference to open source software in some cases and broadly mandates the use of open standards.

In an effort to cut costs and use taxpayer money more efficiently, the government of the UK intends to increase its adoption of open source software. A report issued Wednesday by the Chief Information Officer Council outlines the benefits of using open source in government IT and establishes a roadmap for improving procurement policies so that they are more conducive to open source adoption.

In the report, digital engagement minister Tom Watson says that the collaborative development model and the high potential for code reuse inherent in open source software deliver real value. Since the UK government's initial push for internal open source adoption in 2004, Linux and open source technology have become a critical part of the government's IT infrastructure.

"Open Source has been one of the most significant cultural developments in IT and beyond over the last two decades: it has shown that individuals, working together over the Internet, can create products that rival and sometimes beat those of giant corporations," he wrote in the report. "It has shown how giant corporations themselves, and Governments, can become more innovative, more agile and more cost-effective by building on the fruits of community work; and from its IT base the Open Source movement has given leadership to new thinking about intellectual property rights and the availability of information for reuse by others."

Friday, February 20, 2009

Claims world's first open source generic communication protocol between a Key Manager and encrypting device

Sun Microsystems has released what it claims is the world's first generic communication protocol between a Key Manager and an encrypting device into an open source community. The protocol is implemented as a complete toolkit and is downloadable from the OpenSolaris website.

Governments, finance, healthcare, retail and other vertical markets need to comply with current regulatory laws that create mandates to protect sensitive stored data. To support these requirements, this protocol is available to customers using the Sun StorageTek KMS 2.0 Key Manager and Sun StorageTek T9840D, T10000A, T10000B Enterprise Drives, as well as Sun StorageTek HP LTO4 drives shipped in Sun libraries. A number of additional partners are developing products based on this protocol, including EMC, whose RSA security division has talked about releasing it as an option on their RKM Key Manager.

"Open Storage solutions allows customers to break free from the chains of proprietary hardware and software and this new protocol extends this lifeline into the expensive and highly fragmented encryption market," said Sun's Jason Schaffer. "Open source equals customer value for encryption solutions and Sun now offers the only solution on the market that works across multiple vendors and suppliers."

By releasing the Sun protocol as open source, Sun says it is taking a step towards unifying the technology. Sun continues to work with partners in the industry and with appropriate standards bodies such as IEEE 1619.3 Working Group and OASIS to further develop and formalize the interface as an industry standard. RSA is currently developing a solution using this protocol to work with their RKM key manager. IBM drive division is working on supporting this protocol for their IBM LTO4 drive shipped in Sun Libraries. Additionally, Sun has shared this protocol with numerous other industry partners including computer OEMs, back up application providers, disk array and switch manufacturers.

Thursday, February 19, 2009

It's surprising that there isn't even a general mention about open source software or related vendors

Fast Company recently published a list of the "world's most innovative companies." Funny enough, the No. 1 company is really not a company; it's Team Obama. Bygones.

IT vendors like Google (No. 2), Apple (No. 4), Cisco (No. 5), Intel (No. 6), Amazon (No. 9), HP (No. 12), IBM (No. 19), and Microsoft (No. 34) are in the top 50. However, there isn't one open source vendor listed. The closest OSS vendor is Sun, which made the 2008 list and hence is included in the "33 companies from last year's Fast Company 50 that didn't make the list this time but deserve watching."

Tuesday, February 17, 2009

It's working with standards committees to win acceptance of its protocol

Sun Microsystems Inc. announced today that it is throwing its hat into the standards arena, proposing that its open-source key management application programming interface (API) be used as a universal way to allow encrypting devices to communicate with key management systems.

Sun said its reseller partners can now adopt the open-source protocol to handle encryption keys without additional licensing. The protocol is implemented as a complete toolkit and can be downloaded from the Open Solaris Web site.

"This defines the way a key manager exchanges encryption keys with an encrypted device such as a tape drive or a disk drive," said Piotr Polanowski, Sun's encryption product manager. "The market has been pretty fractured when it comes to key management technology, and we just want to be able to offer widest availability of that. We believe it benefits our customers, and so it will ultimately benefit us as well." Sun said its API protocol is currently available to customers using the Sun StorageTek KMS 2.0 Key Manager and StorageTek T9840D, T10000A and T10000B tape drives, as well as Sun's HP LTO4 drives shipped in Sun libraries.

"Open Storage solutions allows customers to break free from the chains of proprietary hardware and software, and this new protocol extends this lifeline into the expensive and highly fragmented encryption market, Jason Schaffer, senior director of storage product management at Sun, said in a statement.

Earlier this month, IBM, Hewlett-Packard and EMC said they are also working on proposing a new standard, called the Key Management Interoperability Protocol (KMIP) to make their encryption management software work together. The standard is being proposed through the Organization for the Advancement of Structured Information Standards (OASIS), the consortium best known for its development of Web services standards.

Monday, February 9, 2009

Collaboration to expand awareness and use of lower-cost computer applications

In a bid to promote the wider use of open-source software in Thailand, the National Electronics and Computer Technology Centre (Nectec) has joined five local computer manufacturers to pre-install open-source software suites in personal computers.

The five companies are SVOA, D Com, Synnex (Thailand), IT Bakery and Powell Computer.

Nectec's director Pansak Siriruchatapong said Nectec was developing and customising open-source software suites for the local-brand PC companies, including the operating system Ubuntu Linux and applications such as Open Office, Firefox Web browser and Thunderbird e-mail software.

"This is the first time that end-users will experience a set of ready-for-use open-source suites - not simply the operating system - pre-loaded into new computers they buy. It is very convenient for them to get all the necessary computer applications at lower cost," Pansak said.

The move is expected to increase the local adoption of open-source software from its present level of less than 1 per cent, and to build a greater awareness of open-source software among consumers.

He said that in the past, most open-source adoption was by "hard core" users, and more uses were in the server environment. This project aims to expand acceptance of open-source software among consumers in the personal-computer environment.

Sunday, February 8, 2009

[Duncan McLeod Financial Mail] With Microsoft readying itself for the release of a fast, streamlined operating system in Windows 7, the Linux community needs to pull the proverbial rabbit out of the hat if the free and open-source operating system is to stay relevant on desktop computers.

Microsoft last month released a “beta” or test version of Windows 7, its newest operating system for desktop PCs. Unlike Vista, which was derided by consumers and the technology press for being bloated, slow and problematic for many users, Windows 7 is winning plaudits from those who have installed it.

Windows 7 runs faster than Vista and works well on the new generation of “netbooks”, the low-cost, low-power laptops from the likes of Acer, Toshiba and Asus. These lightweight, barebones machines typically sell for between R3 000 and R6 000, prompting many consumers who use their computers for Web browsing, e-mail and basic productivity tasks to shun more expensive notebooks.

Most netbooks are, however, unable to run Vista, causing a big headache for Microsoft — the company has been forced to continue selling and supporting the now eight-year-old Windows XP on these machines. Worse, the rise of netbooks has resulted in Linux, which is less demanding of system resources than Vista, gaining a toehold in a market that Microsoft had completely dominated.

The company is fighting back hard with Windows 7. The new operating system, due for release later this year, could spell the end for Linux on the desktop — before the free system, developed by enthusiast programmers around the world, has had a chance to establish a meaningful place for itself.

The problems for desktop Linux go beyond Windows 7, though. Ubuntu, the most popular version of Linux — its development is funded by SA-born billionaire Mark Shuttleworth — is looking increasingly dated.

Next to Windows 7 and Apple’s Mac OS X, Ubuntu and other Linuxes are looking old fashioned. Other than some nifty 3D effects, Ubuntu has not had a significant refresh of its graphical user interface since it was launched more than four years ago.

Friday, February 6, 2009

It's a familiar story. Microsoft does a secret deal with a company over patent licences. Almost no details are provided about which patents, how much money has changed hands, or why, except for one vaguely worded press release that talks about how such secret deals benefit the customer through openness and innovation.

This time, the lucky donor of cash for secrets is Brother, which will now be allowed to use Microsoft patents to make printers. As Microsoft doesn't make printers – indeed, doesn't even make printer drivers – it is an interesting exercise to try and guess what's actually happened. It's fruitless to ask either of the companies – and we did try. In cases like this, as in the best gangster movies, nobody ain't sayin' nothin'.

Patents, you might remember, are designed to encourage innovation by the disclosure of information: when a $1.8bn company pays a $230bn company a secret amount for secret rights to a secret list of patents – something else is going on than the open promotion of innovation and "a healthy and vibrant IT ecosystem."

In this case, as so often, it involves Linux. Brother uses Linux in some of its printers. Microsoft claims that Linux infringes its patents. It won't say in public which ones, and it doesn't attempt to press such claims against companies – such as IBM – who would want to fight back and not care about the cost (Ask SCO how that business with AIX went). It doesn't go after people who have little to lose and plenty to gain by fighting back, such as individual high-profile developers or small open-source teams. And it has never gone to court on this matter.

Thursday, February 5, 2009

The Canadian government is looking to shave costs wherever it can and is now eyeing open source software as one way to accomplish that goal.

The government of Canada has issued an official Request For Information (RFI) on open source software and is looking for feedback and public guidance to help shape procurement policies. This move could be a prelude to broader adoption of free and open source software in the Canadian government's IT infrastructure.

Although Canada has weathered the global financial crisis better than many other countries, its government is looking for ways to compensate for a recent glut of stimulus spending that has generated the country's first budget deficit in over a decade. To help keep the economic recovery plan on track, Canada's government is looking for ways to spend smarter.

The language used in the RFI makes it pretty clear that cost reduction is priority number one. It uses the broad term "NO CHARGE LICENSED SOFTWARE", which it defines as software that is open source or available at no cost. According to the RFI, Canada is exploring no-cost software options on the desktop as well as the server, in categories that include operating systems, office suites, and automation systems.

Wednesday, February 4, 2009

Could Microsoft (NSDQ: MSFT) take its cash reserves and buy an open source company? Why not? Who expected Oracle (NSDQ: ORCL) and Citrix Systems (NSDQ: CTXS) to become such big investors in open source. Citrix' purchase of XenSource sure has worked out--for Microsoft, in my opinion. And that example might seed a desire for more open source code in Microsoft's camp.

Just because Microsoft bought an open source company doesn't mean it would have to add its code to Windows or some other product, then give it away. Oracle bought InnoDB and Sleepycat's BerkeleyDB as ways to expand its customer base and product line, and it did so without putting Oracle 11g under the GPL. Microsoft could do the same thing.

I don't want to carry this argument too far. Some people will say Microsoft is about as likely to buy an open source company as it is to make Windows open source. Ah, check my thoughts on that topic here.

I don't think any purchase is on the immediate horizon, but I don't rule out such a thing happening in the next two years. Microsoft, more slowly than most, has begun to discern the value of open source code functioning with Windows and the rest of its product line. When Citrix bought XenSource for $500 million, Microsoft spokesmen acknowledged they gained both Linux and virtualization expertise from its close ally through the purchase. That expertise speeded the delivery of its hypervisor, Hyper-V.

Tuesday, February 3, 2009

How much of a problem is security updating for open source software going to be in 2009?

On Jan. 1, Dana Blankenhorn published the sensationally titled The biggest threat to open source in 2009.

His thesis is simple: that, because open source software usually lacks any mechanisms for easily updating to the latest security patched version, the growing popularity of open source software will render it more vulnerable to problems than its closed source counterparts.

As a lead-in to his main point, he said:

There is no longer any doubt that hackers and malware writers are going after open source projects as they once went after Windows. Vulnerabilities are being found, discovered, created, exchanged.

There seems to be a common malady amongst opinionated tech writers--that of never quite getting it when it comes to the fundamental principles of security. A particular favorite for being ignored is that of security through obscurity.

Many many moons ago, I wrote what I think is a decent treatment of the subject as it applies to open source software, Security through visibility. While it makes a pretty strong case for ignoring the bleatings of "popularity is insecurity" doomsayers, it's really only the first step toward full understanding of all the problems with the assumption that the only thing "secure" about open source software is obscurity.

Monday, February 2, 2009

Microsoft's Web Sandbox Live Labs project is now available under an open source license. Microsoft chose the Apache 2.0 license for the project, but pointed out that the project will not become an Apache project, although the vendor has been a member of the Apache Software Foundation since July 2008.

The Sandbox technology aims at allowing developers to create secure mash-up solutions and page extensions, like ads, or web-based gadgets, by isolating the components. In addition, the project wants to provide interoperability with script frameworks.

The software giant presented Web Sandbox in a Community Technology Preview (CTP) at its Professional Developers Conference (PDC) in autumn 2008, but the project was slightly overlooked, as the media largely responded to other technologies, like Windows 7 and Azure. The project is based on Microsoft's experience with DHTML, web-based gadgets and the BrowserShield project.

Sunday, February 1, 2009

Does the Open Source Model work better than its commercial alternative? This post comes on the heels of one of my fellow Staff Writer's posting the story, "A Modest Idea: What If Microsoft Open Sourced Windows?" And I'm aiming this commentary at Microsoft too but it applies to any company who seeks profit over what is fundamentally correct behavior in the marketplace. I'm not against anyone making a profit. Profit is good. Forfeiting good business sense and sacrificing employees in the name of profit are bad.

Steve Ballmer announced the other day that Microsoft is joining the host of other companies by laying off thousands of workers. In his company-wide email, he blamed the poor economy for the layoffs.

"But it is also clear that we are not immune to the effects of the economy. Consumers and businesses have reined in spending, which is affecting PC shipments and IT expenditures."

Yes, it's true that the economy is not great right now but I don't suppose their layoffs have anything to do with the dismal performance of Microsoft's flagship desktop operating system, Vista, does it? Nor does it have anything to do with the fact that many are turning away from Microsoft in record numbers because of his poor performance as well.